<?php

/* create a new user based on post request */
/* and redirect to original page */

/* should check for current users session*/
/* should check for existing email in database */

include("inc/dbConnection.php");
$db = new Dbo(); // call mysql_connect to use sanitizing function

include("class/accounts.class.php");

$email = mysql_real_escape_string($_POST["email"]);
$password = mysql_real_escape_string($_POST["password"]);
$permission = mysql_real_escape_string($_POST["role"]);
$firstname = mysql_real_escape_string($_POST["firstname"]);
$lastname = mysql_real_escape_string($_POST["lastname"]);

accounts::getInstance()->add_account($firstname, $lastname, $password, $permission, $email);

header("Location: " . $_SERVER['HTTP_REFERER']);

?>